84 matches found
EUVD-2005-0434
Malware in sbrugna...
EUVD-2005-0444
Malware in sbrugna...
EUVD-2005-0660
Malware in sbrugna...
EUVD-2005-0656
Malware in sbrugna...
EUVD-2004-2001
Malware in sbrugna...
EUVD-2011-3762
Malware in sbrugna...
CVE-2011-3801
SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visualtest.php and certain other files...
CVE-2011-3797
ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files...
CVE-2011-3809
TheHostingTool THT 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pear/Mail/smtp.php and certain other files...
CVE-2005-4172
eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message...
CVE-2016-9852
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9855
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9852
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9854
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
Mageia: Security Advisory (MGASA-2016-0051)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : phpmyadmin -- Full path disclosure vulnerability in SQL parser (78b4ebfb-c60b-11e5-bf36-6805ca0b3d42)
The phpMyAdmin development team reports : By calling a particular script that is part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. We consider this vulnerability...
FreeBSD : phpmyadmin -- Multiple full path disclosure vulnerabilities (740badcb-c60b-11e5-bf36-6805ca0b3d42)
The phpMyAdmin development team reports : By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. We consider these vulnerabilities to...
Updated phpmyadmin packages fix security vulnerabilities
Using a crafted SQL query, it was possible to produce an XSS on the SQL query form PMASA-2013-8CVE-2013-4995. In the setup/index.php, using a crafted hash with a Javascript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities waraxe-2012-SA093 - Multiple Vulnerabilities in Wordpress Social Discussions Plugin ====================================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012...
CVE-2006-1119
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message...